1// Copyright 2009 The Go Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5package tls 6 7import ( 8 "encoding/hex" 9 "testing" 10) 11 12type testSplitPreMasterSecretTest struct { 13 in, out1, out2 string 14} 15 16var testSplitPreMasterSecretTests = []testSplitPreMasterSecretTest{ 17 {"", "", ""}, 18 {"00", "00", "00"}, 19 {"0011", "00", "11"}, 20 {"001122", "0011", "1122"}, 21 {"00112233", "0011", "2233"}, 22} 23 24func TestSplitPreMasterSecret(t *testing.T) { 25 for i, test := range testSplitPreMasterSecretTests { 26 in, _ := hex.DecodeString(test.in) 27 out1, out2 := splitPreMasterSecret(in) 28 s1 := hex.EncodeToString(out1) 29 s2 := hex.EncodeToString(out2) 30 if s1 != test.out1 || s2 != test.out2 { 31 t.Errorf("#%d: got: (%s, %s) want: (%s, %s)", i, s1, s2, test.out1, test.out2) 32 } 33 } 34} 35 36type testKeysFromTest struct { 37 version uint16 38 suite *cipherSuite 39 preMasterSecret string 40 clientRandom, serverRandom string 41 masterSecret string 42 clientMAC, serverMAC string 43 clientKey, serverKey string 44 macLen, keyLen int 45 contextKeyingMaterial, noContextKeyingMaterial string 46} 47 48func TestKeysFromPreMasterSecret(t *testing.T) { 49 for i, test := range testKeysFromTests { 50 in, _ := hex.DecodeString(test.preMasterSecret) 51 clientRandom, _ := hex.DecodeString(test.clientRandom) 52 serverRandom, _ := hex.DecodeString(test.serverRandom) 53 54 masterSecret := masterFromPreMasterSecret(test.version, test.suite, in, clientRandom, serverRandom) 55 if s := hex.EncodeToString(masterSecret); s != test.masterSecret { 56 t.Errorf("#%d: bad master secret %s, want %s", i, s, test.masterSecret) 57 continue 58 } 59 60 clientMAC, serverMAC, clientKey, serverKey, _, _ := keysFromMasterSecret(test.version, test.suite, masterSecret, clientRandom, serverRandom, test.macLen, test.keyLen, 0) 61 clientMACString := hex.EncodeToString(clientMAC) 62 serverMACString := hex.EncodeToString(serverMAC) 63 clientKeyString := hex.EncodeToString(clientKey) 64 serverKeyString := hex.EncodeToString(serverKey) 65 if clientMACString != test.clientMAC || 66 serverMACString != test.serverMAC || 67 clientKeyString != test.clientKey || 68 serverKeyString != test.serverKey { 69 t.Errorf("#%d: got: (%s, %s, %s, %s) want: (%s, %s, %s, %s)", i, clientMACString, serverMACString, clientKeyString, serverKeyString, test.clientMAC, test.serverMAC, test.clientKey, test.serverKey) 70 } 71 72 ekm := ekmFromMasterSecret(test.version, test.suite, masterSecret, clientRandom, serverRandom) 73 contextKeyingMaterial, err := ekm("label", []byte("context"), 32) 74 if err != nil { 75 t.Fatalf("ekmFromMasterSecret failed: %v", err) 76 } 77 78 noContextKeyingMaterial, err := ekm("label", nil, 32) 79 if err != nil { 80 t.Fatalf("ekmFromMasterSecret failed: %v", err) 81 } 82 83 if hex.EncodeToString(contextKeyingMaterial) != test.contextKeyingMaterial || 84 hex.EncodeToString(noContextKeyingMaterial) != test.noContextKeyingMaterial { 85 t.Errorf("#%d: got keying material: (%s, %s) want: (%s, %s)", i, contextKeyingMaterial, noContextKeyingMaterial, test.contextKeyingMaterial, test.noContextKeyingMaterial) 86 } 87 } 88} 89 90// These test vectors were generated from GnuTLS using `gnutls-cli --insecure -d 9 ` 91var testKeysFromTests = []testKeysFromTest{ 92 { 93 VersionTLS10, 94 cipherSuiteByID(TLS_RSA_WITH_RC4_128_SHA), 95 "0302cac83ad4b1db3b9ab49ad05957de2a504a634a386fc600889321e1a971f57479466830ac3e6f468e87f5385fa0c5", 96 "4ae66303755184a3917fcb44880605fcc53baa01912b22ed94473fc69cebd558", 97 "4ae663020ec16e6bb5130be918cfcafd4d765979a3136a5d50c593446e4e44db", 98 "3d851bab6e5556e959a16bc36d66cfae32f672bfa9ecdef6096cbb1b23472df1da63dbbd9827606413221d149ed08ceb", 99 "805aaa19b3d2c0a0759a4b6c9959890e08480119", 100 "2d22f9fe519c075c16448305ceee209fc24ad109", 101 "d50b5771244f850cd8117a9ccafe2cf1", 102 "e076e33206b30507a85c32855acd0919", 103 20, 104 16, 105 "4d1bb6fc278c37d27aa6e2a13c2e079095d143272c2aa939da33d88c1c0cec22", 106 "93fba89599b6321ae538e27c6548ceb8b46821864318f5190d64a375e5d69d41", 107 }, 108 { 109 VersionTLS10, 110 cipherSuiteByID(TLS_RSA_WITH_RC4_128_SHA), 111 "03023f7527316bc12cbcd69e4b9e8275d62c028f27e65c745cfcddc7ce01bd3570a111378b63848127f1c36e5f9e4890", 112 "4ae66364b5ea56b20ce4e25555aed2d7e67f42788dd03f3fee4adae0459ab106", 113 "4ae66363ab815cbf6a248b87d6b556184e945e9b97fbdf247858b0bdafacfa1c", 114 "7d64be7c80c59b740200b4b9c26d0baaa1c5ae56705acbcf2307fe62beb4728c19392c83f20483801cce022c77645460", 115 "97742ed60a0554ca13f04f97ee193177b971e3b0", 116 "37068751700400e03a8477a5c7eec0813ab9e0dc", 117 "207cddbc600d2a200abac6502053ee5c", 118 "df3f94f6e1eacc753b815fe16055cd43", 119 20, 120 16, 121 "2c9f8961a72b97cbe76553b5f954caf8294fc6360ef995ac1256fe9516d0ce7f", 122 "274f19c10291d188857ad8878e2119f5aa437d4da556601cf1337aff23154016", 123 }, 124 { 125 VersionTLS10, 126 cipherSuiteByID(TLS_RSA_WITH_RC4_128_SHA), 127 "832d515f1d61eebb2be56ba0ef79879efb9b527504abb386fb4310ed5d0e3b1f220d3bb6b455033a2773e6d8bdf951d278a187482b400d45deb88a5d5a6bb7d6a7a1decc04eb9ef0642876cd4a82d374d3b6ff35f0351dc5d411104de431375355addc39bfb1f6329fb163b0bc298d658338930d07d313cd980a7e3d9196cac1", 128 "4ae663b2ee389c0de147c509d8f18f5052afc4aaf9699efe8cb05ece883d3a5e", 129 "4ae664d503fd4cff50cfc1fb8fc606580f87b0fcdac9554ba0e01d785bdf278e", 130 "1aff2e7a2c4279d0126f57a65a77a8d9d0087cf2733366699bec27eb53d5740705a8574bb1acc2abbe90e44f0dd28d6c", 131 "3c7647c93c1379a31a609542aa44e7f117a70085", 132 "0d73102994be74a575a3ead8532590ca32a526d4", 133 "ac7581b0b6c10d85bbd905ffbf36c65e", 134 "ff07edde49682b45466bd2e39464b306", 135 20, 136 16, 137 "678b0d43f607de35241dc7e9d1a7388a52c35033a1a0336d4d740060a6638fe2", 138 "f3b4ac743f015ef21d79978297a53da3e579ee047133f38c234d829c0f907dab", 139 }, 140} 141